Microsoft 'shares our concerns' over government snooping

Governments should use legal process not technological brute force

Rest easy people, Microsoft has got your back - and probably your front and sides - by sharing your concerns that the government is monitoring your every keystroke.

The controversy around the Prism monitoring is not going away, and Microsoft's legal eagle Brad Smith insists that the government should not ride roughshod over the law of the various lands.

"Many of our customers have serious concerns about government surveillance of the internet," Smith blogged.

"We share their concerns," he added. "That's why we are taking steps to ensure governments use legal process rather than technological brute force to access customer data.

Brute force

"Like many others, we are especially alarmed by recent allegations in the press of a broader and concerted effort by some governments to circumvent online security measures - and in our view, legal processes and protections - in order to surreptitiously collect private customer data.

"In particular, recent press stories have reported allegations of governmental interception and collection - without search warrants or legal subpoenas - of customer data as it travels between customers and servers or between company data centers in our industry."

Of course, leaked files from Edward Snowdon, that made the Prism tracking public knowledge, suggest that Microsoft opened up its files to the NSA, something the software giant insists it was legally obliged to do - so there's a degree of damage limitation in Smith's comments.

Prism

So what exactly is Microsoft doing about all of this going forward? Smith says that encryption and transparency are the keys - at the same time.

"While we have no direct evidence that customer data has been breached by unauthorized government access, we don't want to take any chances and are addressing this issue head on," Smith writes.

"Therefore, we will pursue a comprehensive engineering effort to strengthen the encryption of customer data across our networks and services.

Legal wranglings

When it comes to legal wranglings, Smith adds: "Except in the most limited circumstances, we believe that government agencies can go directly to business customers or government customers for information or data about one of their employees – just as they did before these customers moved to the cloud – without undermining their investigation or national security."

And last but not least, transparency - with Smith concluding: "Just as we've called for governments to become more transparent about these issues, we believe it's appropriate for us to be more transparent ourselves.

"We're therefore taking additional steps to increase transparency by building on our long-standing program that provides government customers with an appropriate ability to review our source code, reassure themselves of its integrity, and confirm there are no back doors."

Smith believes that there is a balance to be found between security and the law, and Microsoft is keen to show the world that it has found it.